EP4071600A1 - Method and system for generating and executing a software appliance - Google Patents
Method and system for generating and executing a software appliance Download PDFInfo
- Publication number
- EP4071600A1 EP4071600A1 EP22166701.7A EP22166701A EP4071600A1 EP 4071600 A1 EP4071600 A1 EP 4071600A1 EP 22166701 A EP22166701 A EP 22166701A EP 4071600 A1 EP4071600 A1 EP 4071600A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- processing
- software
- computer system
- computer
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 238000012545 processing Methods 0.000 claims abstract description 290
- 238000004590 computer program Methods 0.000 claims description 7
- 238000004891 communication Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 7
- 238000013528 artificial neural network Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000003466 anti-cipated effect Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000004888 barrier function Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000012549 training Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/35—Creation or generation of source code model driven
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/36—Software reuse
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45562—Creating, deleting, cloning virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45575—Starting, stopping, suspending or resuming virtual machine instances
Abstract
Description
- The present disclosure relates to a computer implemented method and a computer system for generating and executing a software appliance. Specifically, the present disclosure relates to a computer implemented method for generating and executing a software appliance on a processor of a computer system, and to a computer system comprising a processor configured to generate and execute a software appliance.
- A strong trend in computing, in particular in server computing, has been to move to ever increasing levels of abstraction through the use of intermediate software layers between the computing hardware and the software application it is executing. A kernel, which is a computer program which directly interfaces with the computing hardware, forms the core of a computer's operating system. Typically, the kernel forms part of a single operating system in which software applications are executed. The kernel resides in a part of the virtual memory called the kernel space, which virtual memory is itself an abstraction of the physical memory (volatile and non-volatile data storage) available to the computing hardware. The software applications then reside in a part of the virtual memory called the user space. However, using modern operating system (OS) level virtualization, the kernel allows the existence of multiple user space instances called containers. These containers are isolated from each other and present, to software applications being executed on them, virtual computing hardware and resources, the resources including network input/output, peripherals, etc. One example of a product which supports such containerization is Docker, which can package an application and its dependencies into a virtual container which can run on any operating system, such as Linux, Windows, or MacOS.
- The use of containers allows for flexible and efficient deployment and scaling of single software applications, software bundles, or entire computing environments, as the software applications themselves along with all necessary libraries, configuration files, and data (for example as stored in a database) can be packaged into containers and deployed as a whole. The containers can be deployed on server computers which are on-premises, in a public cloud, or in a private cloud.
- Modern platforms, such as Openshift and Kubernetes, allow automated deployment, scaling in response to load, monitoring and management of containerized software applications across clusters of hosts, such as large cloud computing centers.
- A software appliance is a type of software application which is bundled with at least part of an operating system. The software appliance can easily be implemented on computing hardware because no installation or configuration is required.
-
US 8321948 B2 discloses one or more software appliances whose operational parameters may be set using a configuration manager. Additionally, a deployment and a licensing manager are disclosed to maintain compliance of the operating parameters with the license terms. - It is an object of this disclosure to provide a computer implemented method and a computer system for generating and executing a software appliance. In particular, it is an object of the present disclosure to provide a computer implemented method for generating and executing a software appliance on a processor of a computer system, and to provide a computer system comprising a processor configured to generate and execute a software appliance.
- According to the present disclosure, these objects are achieved through the features of the independent claims. In addition, further advantageous embodiments follow from the dependent claims and the description.
- According to the present disclosure, the above-mentioned objects are particularly achieved by a computer-implemented method of generating and executing a software appliance, whereby the method comprises receiving in a computer system a work request from a requesting computer, the work request comprising action data, workload data, and metadata. The action data defines a computer processing task to be performed. The workload data is input for the computer processing task to be performed, and the metadata indicates processing conditions for the computer processing task to be performed. The method further comprises the computer system determining from a processing environment repository a determined processing environment, depending on the metadata included in the work request. The method further comprises the computer system selecting from a software container template repository one or more selected software container templates, depending on the action data and the metadata included in the work request. The method further comprises the computer system generating the software appliance for the determined processing environment, using the one or more selected software container templates. The method further comprises the computer system deploying the software appliance for executing the software appliance on a processing computer system of the determined processing environment, using the workload data included in the work request.
- In an embodiment, generating the software appliance comprises the computer system generating one or more software containers, using the selected software container templates and the metadata included in the work request, and generating the software appliance using the one or more generated software containers.
- In an embodiment, the method further comprises the processing computer system of the determined processing environment generating a processing result by executing the software appliance, and transmitting the processing result to the requesting computer.
- In an embodiment, the metadata includes hardware requirements for the processing computer system of the processing environment, the hardware requirements including an amount of memory, an amount of disk storage space, and/or processing power; and determining the processing environment comprises the computer system using the hardware requirements.
- In an embodiment, the metadata includes software requirements for the processing environment, the software requirements including an operating system and/or a database type; and determining the processing environment comprises the computer system using the software requirements.
- In an embodiment, the metadata includes security requirements for the processing environment, the security requirements including an on-premise computing centre, a cloud computing centre, and/or an authentication level; and determining the processing environment comprises the computer system using the security requirements.
- In an embodiment, the metadata includes processing requirements related to execution of the computer processing task to be performed, the processing requirements including scheduling data, cost data, and/or energy efficiency data; and executing the software appliance comprises the computer system using the processing requirements.
- In an embodiment, the action data includes identification data for the computer processing task to be performed, the identification data defining a software application, a software program, a software processing engine, and/or a software formatting engine; and selecting the one or more selected software container templates comprises the computer system using the identification data.
- In an embodiment, the action data includes operational data for the computer processing task to be performed, the operational data defining an operational parameter for a software application, a software program, and/or a software processing engine, and/or format specification for a software formatting engine; and selecting the one or more selected software container templates comprises the computer system using the operational data.
- In an embodiment, the method comprises the computer system receiving a processing command directed to the software appliance, and responsive to the processing command executing the processing command by performing stop execution of the software appliance and/or return status information related to execution of the software appliance.
- In addition to a computer-implemented method of generating and executing a software appliance, the present disclosure also relates to a computer system for generating and executing a software appliance, the computer system comprising one or more processors configured to perform a number of steps. The steps include receiving a work request from a requesting computer. The work request comprises action data, workload data, and metadata, the action data defining a computer processing task to be performed, the workload data being input for the computer processing task to be performed, and the metadata indicating processing conditions for the computer processing task to be performed. The steps further include determining from a processing environment repository a determined processing environment, depending on the metadata included in the work request. The steps further include selecting from a software container template repository one or more selected software container templates, depending on the action data and the metadata included in the work request. The steps further include generating the software appliance for the determined processing environment, using the one or more selected software container templates. The steps further include deploying the software appliance for executing the software appliance on a processing computer system of the determined processing environment, using the workload data included in the work request.
- In an embodiment, the one or more processors are further configured to perform the method as described above.
- In addition to a computer-implemented method of generating and executing a software appliance and a computer system for generating and executing a software appliance, the present disclosure also relates to a computer program product comprising a non-transitory computer readable medium having stored thereon program code configured to control one or more processors of a computer system such that the computer system performs a number of steps. The steps include receiving a work request from a requesting computer, the work request comprising action data, workload data, and metadata, the action data defining a computer processing task to be performed, the workload data being input for the computer processing task to be performed, and the metadata indicating processing conditions for the computer processing task to be performed. The steps further include determining from a processing environment repository a determined processing environment, depending on the metadata included in the work request. The steps further include selecting from a software container template repository one or more selected software container templates, depending on the action data and the metadata included in the work request. The steps further include generating the software appliance for the determined processing environment using the one or more selected software container templates. The steps further include deploying the software appliance for executing the software appliance on a processing computer system of the determined processing environment, using the workload data included in the work request.
- In an embodiment, the program code is further configured to control the one or more processors of the computer system such that the computer system performs the method as described above.
- The present disclosure will be explained in more detail, by way of example, with reference to the drawings in which:
- Figure 1:
- shows a flow diagram illustrating schematically a computer system receiving a work request from a requesting computer, generating a software appliance, and deploying the software appliance for execution on a processing computer system of a determined processing.
- Figure 2:
- shows a flow diagram illustrating an exemplary sequence of steps for generating and executing a software appliance in response to a work request.
- Figure 3:
- shows a block diagram illustrating schematically data elements of a work request.
- Figure 4:
- shows a flow diagram illustrating an exemplary sequence of steps for receiving a processing command and executing the processing command.
- In
Figure 1 ,reference numeral 1 refers to a computer system. Thecomputer system 1 comprises one or more computers, each having one ormore processors 10, as well as memory, which includes both volatile memory and non-volatile memory, and a communication interface allowing the one or more computers of thecomputer system 1 to communicate with each other as well as allowing thecomputer system 1 to communicate with other computers, which may be located on-premises or located remotely. The communication interface, for example, communicatively connects thecomputer system 1 to a network, such as the Internet. In particular, the computer system is communicatively connected to a requestingcomputer 3 and to a number ofprocessing computer systems 21, 21' ofvarious processing environments 2. - The requesting
computer 3 comprises one or more processors and memory (both volatile memory and non-volatile memory) and may be located on-premises with thecomputer system 1 or located remotely from thecomputer system 1. The requestingcomputer 3 is configured to generate awork request 4, as explained in more detail with reference toFigure 2 . - The
computer system 1 comprises aprocessing environment repository 11. Theprocessing environment repository 11 is stored in the memory of thecomputer system 1 and comprises, for example, a database, a table, and/or a list. Theprocessing environment repository 11 includes identifiers of a plurality ofprocessing environments 2 to which thecomputer system 1 is communicatively connected. - Additionally, the
processing environment repository 11 stores a plurality of processing environment specifications, each processing environment specification being associated with aparticular processing environment 2 of a plurality ofdifferent processing environments 20. - In an embodiment, the processing environment specification includes a hardware configuration of a
processing computer system 21 of the associatedprocessing environment 2. The hardware configuration includes one or more of: an amount of memory, an amount of disk storage space, and/or processing power. In an embodiment, the hardware configuration further includes, for each associatedprocessing environment 2, one or more of: a processor configuration of at least one processor of theprocessing computer system 21, a processing power of theprocessing computer system 21, a memory configuration of at least one memory unit of theprocessing computer system 21, and/or a server type of one or more server computers of theprocessing computer system 21. The processing power includes a measure of the computing performance of theprocessing environment 2, such as number of floating point operations per second (FLOPS). - In an embodiment, at least one
processing environment 2 of the plurality ofprocessing environments 20 comprises a plurality ofprocessing computer systems 21, 21', whichprocessing computer systems 21, 21' are in a plurality of locations, embodied, for example, as a distributed cluster of data centres. - In an embodiment, the processing environment specifications include a software configuration of the associated
processing environment 2. For example, the software configuration comprises an operating system configuration and/or a database type. The operating system configuration relates not only to a specific type of operating system but also includes specific operating system components. The operating system configuration relates to an operating system of theprocessing computer system 21, which, in an embodiment, is a stripped-down operating system having only a kernel, which kernel is configured for operating-system level virtualization to allow the existence of multiple user space instances, which instances aresoftware appliances 22 according to the present disclosure. -
Software appliances 22 comprise one or more software applications and one or more components of an operating system, thesoftware appliance 22 being configured to be executable in theprocessing environment 2, in particular theprocessing computer system 21. In an embodiment, thesoftware appliance 22 comprises one or more of the following: one or more databases, one or more software libraries, or state-data relating to one or more application states of the one or more software applications. In particular, thesoftware appliance 22 is configured for use in a plurality of different virtualized hosting environments, in particular in thedifferent processing environments software appliance 22 is immediately executable on theprocessing computer system 21, in particular that the one or more software applications are executable on theprocessing computer system 21 without requiring an installation of the one or more software applications. - In an embodiment, the processing environment specifications include security properties of the
processing environment 2. The security properties include one or more of: a security level, an authentication level, a data encryption level, a data protection level, and/or a location property. The security level relates to a level of physical security maintained for a room, floor, and/or data centre in which theprocessing environment 2, in particular theprocessing computer system 21, is located. A high security level comprises the use of access controlled entry-ways and surveillance including cameras and guards. A low security level may have less robust physical barriers, less stringent access control, and less surveillance. The authentication level relates to which persons and/or other computer systems are given physical and/or virtual access to theprocessing computer system 21. A high authentication level grants access only a person and/or computer system belonging to a select group of authorized persons and/or systems with the authorization being checked using a robust and secure authentication protocol. The data encryption level relates to a cryptographic protocol used for encrypting data received by, stored in, and/or transmitted by theprocessing computer system 21. A standard data encryption level uses, for example, AES 256 encryption, while a high data encryption level may use a greater key length or, advantageously, use so-called quantum proof encryption designed to be resistant to anticipated decryption capabilities of quantum computers. The data protection level refers to data protection policies in force in a jurisdiction in which theprocessing environment 2 resides, in particular related to the explicit or implicit capabilities of government agencies of that jurisdiction, or a related jurisdiction, to intercept data communications traffic, demand access to data communications traffic or stored data, or other compromise the security of theprocessing computer system 21. The location property includes whether theprocessing computer system 21 is an on-premise computing centre, in particular, whether theprocessing computer system 21 is located on the same premises as the requestingcomputer 3 and/or thecomputer system 1. The location property includes whether theprocessing computer system 21 is a cloud computing centre located remotely from the requestingcomputer 3 and/or thecomputer system 1. Additionally, the location property includes, in an embodiment, a geographic location property, such as whether theprocessing computer system 21 is located in a computing center in the same country or on the same continent as the requestingcomputer 3 and/or thecomputer system 1. - In an embodiment, the processing environment specifications include energy efficiency data relating to a measure of performance per watt, measured, for example, using the LINPACK benchmark.
- In an embodiment, the processing environment specifications further include computing load information relating to a current and/or forecasted computing load of the
processing environment 2. - In an embodiment, the processing environment specifications further include scheduling data relating to available time slots and, optionally, available computing resources in the respective time slots. The scheduling data optionally further relates to a processing priority data and/or processing deadline data.
- In an embodiment, the processing environment specifications further include an interface specification relating to one or more digital communication interfaces which the
processing computer system 21 uses to communicate with thecomputer system 1 and/or the requestingcomputer 3. - In an embodiment, the processing environment specifications further include cost data relating to a cost of using the
processing computer system 21. In particular, the cost data relates to the cost of using one processing node of theprocessing computer system 21 for a pre-determined time period, which processing node comprises, for example, one or more CPUs and/or one or more GPUs. - The
processing environment 2 comprises aprocessing computer system 21, 21' and security properties of theprocessing computer system 21. As explained above in relation to theprocessing environment repository 11 and the processing environment specifications of eachprocessing environment processing environment repository 11, theprocessing computer system 21, 21' has a number of further technically relevant specifications which go beyond the hardware and/or software configuration of theprocessing computer system 21, 21'. A number of examples are given in the following paragraphs to illustrate different combinations of such further technically relevant specifications. - A first example of a
processing environment processing computer system 21, in this example a server computer, located in a secure access controlled room on-premises and having a Linux kernel, whichprocessing computer system 21 is not communicatively connected to the Internet and is communicatively connected only to a local network. Theprocessing computer system 21 of thisprocessing environment 2 is configured with an authentication level such that only authorized computer systems and users have access to the computer resources of the server computer. In particular, the server computer is configured such that onlyparticular computer systems 1 may communicate, over the local network, with the server computer. In particular, theprocessing computer system 21 is configured such thatonly software appliances 22 from a particularprocessing computer system 21 and/or having a particular identifier and/or type may be deployed to and executed on theprocessing computer system 21. Such aprocessing environment 2 has security properties which ensure a relatively high level of data security. - A second example of a
processing environment processing computer system 21 located remotely, i.e. off-site, in relation to thecomputer system 1 and/or the requestingcomputer 3, and communicatively connected to thecomputer system 1, for example via the Internet, via a wide area network (such as a software-defined wide area network using multiprotocol label switching), or via a dedicated private physical layer. Theprocessing environment 2 of this example has security properties which provide a relatively lower level of data security, in comparison to the first example, because the data communication between thecomputer system 1 and theprocessing computer system 21, or the data connection between theprocessing computer system 21 and the requestingcomputer 3, is susceptible to electronic eavesdropping. Additionally, by virtue of being located remotely, it can be more difficult to guarantee a high level of physical security relating to theprocessing computer system 21, i.e. ensuring that theprocessing computer system 21 is not tampered with. - A third example of a
processing environment computer system 1 via the Internet. Such aprocessing environment 2 has security properties which result in an even lower level of data security than the first two examples. This is because of the larger possibility of security breaches in theprocessing environment 2 itself, because it is operated by a third party, and because of the possibility of the communication between thecomputer system 1 and theprocessing environment 2 being electronically eavesdropped. - The
computer system 1 further comprises a softwarecontainer template repository 12. The softwarecontainer template repository 12 is stored in the memory of thecomputer system 1, for example in a database. The softwarecontainer template repository 12 comprises a plurality of software container templates. For example, the software container templates comprise software container configuration files. The software container templates comprise, in an embodiment, one or more of the following: one or more software applications, one or more software libraries, one or more components of an operating system, and/or one or more databases. - In an embodiment, the software container templates are used by the
computer system 1 to generate thesoftware containers 13 in step S4 as explained with reference toFigure 2 . - In an embodiment, a software container template, or a
software container 13 generated using the software container template, is used to generate asoftware appliance 22. The software container template used for generating thesoftware appliance 22 is selected from the softwarecontainer template repository 12 according to data included in thework request 4 as explained below. Thesoftware appliance 22 is generated such that it can be executed on theprocessing computer system 21. - In an embodiment, the
computer system 1 has stored in the memory, in association with each software container template, a software container specification relating to one or more of the following technical specifications of the particular software container: environment requirements, payload capabilities, security capabilities, and/or digital interfaces. The environment requirements relate toparticular processing environments work request 4 as detailed below. The security capabilities relate to how secure the software container is when deployed to and being executed on theprocessing computer system 21, in particular how secure the data contained in the software container is. The digital interfaces relate to digital communication interfaces which the software container has for communicating with thecomputer system 1 and the requestingcomputer 3. Additionally, in an embodiment, the container repository and the stored software container templates comprise one or more digital signatures for allowing thecomputer system 1 and/or theprocessing computer system 21 to identify the software container and/or the software appliance generated using the software container template or the software container. - In an embodiment, the software
container template repository 12 additionally contains state data relating to a pre-determined state which the generatedsoftware appliance 22 is to have. The state data is designed to be loaded into memory in theprocessing computer system 21 such that thesoftware appliance 22 is, upon execution, immediately initialized into the pre-determined state. - Steps S1, S5 and S7, along with the
work request 4 and theprocessing result 5, are explained in detail below with reference toFigure 2 . -
Figure 2 shows a flow diagram illustrating an exemplary sequence of steps for generating and executing asoftware appliance 22. Steps S1, S5, and S7 are shown also inFigure 1 . In a preparatory step (not shown), thework request 4 is generated in the requestingcomputer 3. Thework request 4 consists of one or more data packages, and comprisesaction data 41,workload data 42, andmetadata 43. Theaction data 41 defines a computer processing task to be performed. - The
action data 41, in an embodiment, comprises identification data 411 (shown inFigure 3 ). Theidentification data 411 defines a software application, a software program, a software processing engine, and/or a software formatting engine. - In an embodiment, the
action data 41 comprises operational data 412 (shown inFigure 3 ) for the computer processing task to be performed. The operational data 412 defines an operational parameter for a software application, a software program, and/or a software processing engine, and/or format specification for a software formatting engine. - The
action data 41, in an embodiment, comprises the computer processing task itself, for example as comprised in compiled computer program code, non-compiled computer program code, and/or a computer processing script. This is particularly beneficial when the computer processing task to be performed is not a routine task. For example, theaction data 41 comprises formatting data for a document, the formatting data as defined in a mark-up language such as Extensible Mark-up Language (XML). Theworkload data 42 is input for the computer processing task to be performed. Theworkload data 42 is the input data which is to be processed, according to theaction data 41, to produce aprocessing result 5. Theworkload data 42 comprises, for example, a character string which is to be formatted according to theaction data 41, in particular according to formatting data as defined in a mark-up language. Themetadata 43 indicates processing conditions for the computer processing task to be performed. The processing conditions include hardware requirements 431,software requirements 432,security requirements 433, and/orprocessing requirements 434. The processing conditions as indicated by themetadata 43 correspond to the processing environment specifications which are stored in thecomputer system 1 in association with eachprocessing environment 2. - In step S1, the requesting
computer 3 transmits thework request 4 to thecomputer system 1, for example across a communication network such as the Internet or a local area network. Thework request 4 is received in thecomputer system 1 and stored in the memory of thecomputer system 1. - In step S2, the
computer system 1 processes thework request 4. Thecomputer system 1 determines theprocessing environment 2, selecting theprocessing environment 2 from theprocessing environment repository 11. Thecomputer system 1 determines theprocessing environment 2 using themetadata 43, in particular by identifying one ormore processing environments 2 whose processing environment specifications satisfy the processing conditions as defined by themetadata 43. For example, if theworkload data 42 is very large and/or theaction data 41 defines a complex processing task, themetadata 43 may indicate that the selectedprocessing environment 2 must meet particular hardware requirements 431. For example, if theaction data 41 defines a processing task comprising complicated vector operations and theworkload data 42 is large, the hardware requirements 431 may stipulate that theprocessing environment 2 comprises processing units such as graphics processing units (GPUs) which are able to efficiently process vector operations. Themetadata 43 may also defineparticular software requirements 432 which are to be met by theprocessing environment 2. Themetadata 43 may also may also defineparticular security requirements 433 which are to be met by theprocessing environment 2. For example, if theworkload data 42 comprises highly sensitive data, for example data relating to passwords, cryptographic keys, or proprietary information, theworkload data 42 is considered to have high security requirements and thesecurity requirements 433 as included in themetadata 43 shall indicate that the processing task is to be carried out in aprocessing environment 2 with a high level of security. The metadata may also compriseprocessing requirements 434 relating to scheduling data, cost data, and/or energy efficiency data. - The
computer system 1 is configured to select theprocessing environment 2 from theprocessing environment repository 11 by matching the criteria defined by themetadata 43 with the processing environment specification associated with eachprocessing environment processing environment Figure 1 . - In step S3, the
computer system 1 selects one or more software container templates from the softwarecontainer template repository 12. The software container templates are selected depending on thework request 4, in particular such that the software containers associated with the software container templates meet the criteria as defined by theaction data 41, theworkload data 42, and/or themetadata 43. - In an embodiment, the
identification data 411 included in theaction data 41 is used by thecomputer system 1 to select the one or more software container templates from the softwarecontainer template repository 12. - In an embodiment, the
identification data 411 is used to retrieve a computer processing task from a computer processing task repository stored on thecomputer system 1 or stored remotely from thecomputer system 1. This is particularly beneficial when the computer processing task to be performed is a task which is routinely performed such that the details of the processing task, for example including computer program code, are stored in the memory of thecomputer system 1 or retrieved from storage remote to thecomputer system 1, such that the size of thework request 4 is reduced. - In step S4, the
software appliance 22 is generated. Thesoftware appliance 22 is generated by thecomputer system 1 using the software container template. In an embodiment, generating thesoftware appliance 22 comprises generating a software container in step S41. - In an embodiment, the
software appliance 22 is generated by thecomputer system 1 for the selectedprocessing environment 2, in particular taking into consideration one or more characteristics of the selectedprocessing environment 2 and theprocessing computer system 21. For example, if the selectedprocessing environment 2 comprises aprocessing computer system 21 with a particular type of processing unit, for example a GPU or TPU, and the processing task involves operations on theworkload data 42 suitable for the particular type of processing unit, thesoftware appliance 22 is generated taking to account the particular suitability of theprocessing computer system 21 for the processing task. In another example, thesoftware appliance 22 is generated by thecomputer system 1 to comprise operating system components required by the one or more software applications to be contained in the software container, which operating system components are not available in theprocessing computer system 21 of the selectedprocessing environment 2. Thereby, thecomputer system 1 flexibly generates thesoftware appliance 22 such that it is compatible with a wide variety of different types ofprocessing environments - In an embodiment, the
software appliance 22 is generated using theidentification data 411 and/or the operational data 412 as defined by theaction data 41, for example such that thesoftware appliance 22 is generated containing one or more appropriately configured software applications, software programs, software processing engine, and/or software formatting engines. - In step S5, the
computer system 1 deploys thesoftware appliance 22. In particular,computer system 1 transmits thesoftware appliance 22 to theprocessing computer system 21, which receives thesoftware appliance 22. Thesoftware appliance 22 is stored in the memory of theprocessing computer system 21. - In an embodiment, the
metadata 43, or a part of themetadata 43, is transmitted from thecomputer system 1 to theprocessing computer system 21. For example, if processing requirements specify scheduling data indicating a time period during which thesoftware appliance 22 is to be executed. For asoftware appliance 22 whoseprocessing result 5 is not required immediately, the scheduling data may indicate that thesoftware appliance 22 is to be executed during off-peak hours, when a cost of electricity and/or a demand on computer resources of theprocessing computer system 21 is lower than during peak hours. For asoftware appliance 22 whose processing results 5 is required by a particular end time point, the scheduling data may indicate in the processing deadline data that thesoftware appliance 22 is to be executed at a given starting time point calculated such that theprocessing results 5 are available by the particular end time point. For asoftware appliance 22 whose processing results are urgently required, the processing priority data is used to indicate a high priority for execution of thesoftware appliance 22. In an embodiment, themetadata 43, or part of themetadata 43, is incorporated into thesoftware appliance 22. - In step S6, the
processing computer system 21 executes thesoftware appliance 22. In particular, the one or more processing units of theprocessing computer system 21 executes thesoftware appliance 22, in particular executing the one or more software applications contained in thesoftware appliance 22 such that theworkload data 42 is executed according to theaction data 41 as defined in thework request 4. - In an embodiment, the
processing computer system 21 executes the software appliance depending on themetadata 43 transmitted with thesoftware appliance 22 or incorporated into the software appliance. In particular, theprocessing computer system 21 executes the software appliance according to the scheduling data, the cost data, and/or the energy efficiency data. - In an embodiment, the
processing computer system 21 executes thesoftware appliance 22 upon receiving, from thecomputer system 1, an execution message configured to trigger the execution of thesoftware appliance 22. - The execution of the
software appliance 22 produces as an output aprocessing result 5. Theprocessing result 5 is theworkload data 42 as processed according to theaction data 41. In an example where theworkload data 42 comprises character strings and theaction data 41 defines a formatting specification, theprocessing result 5 includes the character strings formatted according to the formatting specification, whichprocessing result 5 is embodied as a formatted electronic document, for example. In an example where theworkload data 42 is an untrained neural network and a set of training data, theprocessing result 5 being a trained neural network, trained according to hyper parameters as indicated in theaction data 41. - In optional step S7, the
processing result 5 is transmitted from theprocessing environment 2 to the requestingcomputer 3. In particular, theprocessing result 5 is transmitted from theprocessing computer system 21 to the requestingcomputer 3. - In an optional further step, after transmitting the
processing result 5, theprocessing computer system 21 deletes, marks for overwriting, or otherwise disables thesoftware appliance 22. -
Figure 3 shows a block diagram illustrating thework request 4 and the data elements it contains according to various embodiments, each of which is described above in detail with reference toFigures 1 and2 . -
Figure 4 shows a flow diagram illustrating additional steps executed by theprocessing computer system 21 according to an embodiment of the disclosure. In step S8, theprocessing computer system 21 receives a processing command directed to thesoftware appliance 22 from thecomputer system 1 or the requestingcomputer 3. In step S9, theprocessing computer system 21 is configured to execute the processing command responsive to the processing command, by performing at least one of: stopping the execution of thesoftware appliance 22, or returning status information related to execution of thesoftware appliance 22.
Claims (14)
- A computer-implemented method of generating and executing a software appliance (22), the method comprising:receiving (S1) in a computer system (1) a work request (4) from a requesting computer (3), the work request (4) comprising action data (41), workload data (42), and metadata (43), the action data (41) defining a computer processing task to be performed, the workload data (42) being input for the computer processing task to be performed, and the metadata (43) indicating processing conditions for the computer processing task to be performed;determining (S2), by the computer system (1), from a processing environment repository (11) a determined processing environment (2), depending on the metadata (43) included in the work request (4);selecting (S3), by the computer system (1), from a software container template repository (12) one or more selected software container templates, depending on the action data (41) and the metadata (43) included in the work request (4);generating (S4), by the computer system (1), the software appliance (22) for the determined processing environment (2), using the one or more selected software container templates; anddeploying (S5), by the computer system (1), the software appliance (22) for executing (S6) the software appliance (22) on a processing computer system (21) of the determined processing environment (2), using the workload data (42) included in the work request (4).
- The method of claim 1, wherein generating (S4) the software appliance (22) comprises the computer system (1) generating (S41) one or more software containers (13), using the selected software container templates and the metadata (43) included in the work request (4), and generating (S4) the software appliance (22) using the one or more generated software containers (13).
- The method of one of claims 1 or 2, further comprising the processing computer system (21) of the determined processing environment (2) generating a processing result (5) by executing the software appliance (22), and transmitting (S7) the processing result (5) to the requesting computer (3).
- The method of one of claims 1 to 3, wherein the metadata (43) includes hardware requirements (431) for the processing computer system (21) of the processing environment (20), the hardware requirements (431) including at least one of: amount of memory, amount of disk storage space, or processing power; and determining (S2) the processing environment (2) comprises the computer system (1) using the hardware requirements (431).
- The method of one of claims 1 to 4, wherein the metadata (43) includes software requirements (432) for the processing environment, the software requirements (432) including at least one of: an operating system or a database type; and determining (S2) the processing environment (2) comprises the computer system (1) using the software requirements (432).
- The method of one of claims 1 to 5, wherein the metadata (43) includes security requirements (433) for the processing environment, the security requirements (433) including at least one of: an on-premise computing center, a cloud computing center, or an authentication level; and determining (S2) the processing environment (2) comprises the computer system (1) using the security requirements (433).
- The method of one of claims 1 to 6, wherein the metadata (43) includes processing requirements (434) related to execution of the computer processing task to be performed, the processing requirements (434) including at least one of: scheduling data, cost data, or energy efficiency data; and executing (S6) the software appliance (22) comprises the computer system (1) using the processing requirements (434).
- The method of one of claims 1 to 7, wherein the action data (41) includes identification data (411) for the computer processing task to be performed, the identification data (411) defining at least one of: a software application, a software program, a software processing engine, or a software formatting engine; and selecting (S3) the one or more selected software container templates comprises the computer system (1) using the identification data (411).
- The method of one of claims 1 to 8, wherein the action data (41) includes operational data (412) for the computer processing task to be performed, the operational data (412) defining at least one of: an operational parameter for a software application, a software program, or a software processing engine, or format specification for a software formatting engine; and selecting (S3) the one or more selected software container templates comprises the computer system (1) using the operational data (41 2).
- The method of one of claims 1 to 8, further comprising the computer system (1) receiving (S8) a processing command directed to the software appliance (22), and responsive to the processing command executing (S9) the processing command by performing at least one of: stop execution of the software appliance (22) or return status information related to execution of the software appliance (22).
- A computer system (1) for generating and executing a software appliance (22), the computer system (1) comprising one or more processors (10) configured to perform the steps of:receiving (S1) a work request (4) from a requesting computer (3), the work request (4) comprising action data (41), workload data (42), and metadata (43), the action data (41) defining a computer processing task to be performed, the workload data (42) being input for the computer processing task to be performed, and the metadata (43) indicating processing conditions for the computer processing task to be performed;determining (S2) from a processing environment repository (11) a determined processing environment (2), depending on the metadata (43) included in the work request (4);selecting (S3) from a software container template repository (12) one or more selected software container templates, depending on the action data (41) and the metadata (43) included in the work request (4);generating (S4) the software appliance (22) for the determined processing environment (2), using the one or more selected software container templates; and deploying (S5) the software appliance (22) for executing (S6) the software appliance (22) on a processing computer system (21) of the determined processing environment (2), using the workload data (42) included in the work request (4).
- The computer system (1) of claim 11, wherein the one or more processors (10) are further configured to perform the method of one of claims 2 to 10.
- A computer program product comprising a non-transitory computer readable medium having stored thereon program code configured to control one or more processors (10) of a computer system (1) such that the computer system (1) performs the steps of:receiving (S1) a work request (4) from a requesting computer (3), the work request (4) comprising action data (41), workload data (42), and metadata (43), the action data (41) defining a computer processing task to be performed, the workload data (42) being input for the computer processing task to be performed, and the metadata (43) indicating processing conditions for the computer processing task to be performed;determining (S2) from a processing environment repository (11) a determined processing environment (2), depending on the metadata (43) included in the work request (4);selecting (S3) from a software container template repository (12) one or more selected software container templates, depending on the action data (41) and the metadata (43) included in the work request (4);generating (S4) the software appliance (22) for the determined processing environment (2), using the one or more selected software container templates; anddeploying (S5) the software appliance (22) for executing (S6) the software appliance (22) on a processing computer system (21) of the determined processing environment (2), using the workload data (42) included in the work request (4).
- The computer program product of claim 13, wherein the program code is further configured to control the one or more processors (10) of the computer system (1) such that the computer system (1) performs the method of one of claims 2 to 10.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CH3502021 | 2021-04-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
EP4071600A1 true EP4071600A1 (en) | 2022-10-12 |
Family
ID=78371702
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP22166701.7A Pending EP4071600A1 (en) | 2021-04-06 | 2022-04-05 | Method and system for generating and executing a software appliance |
Country Status (3)
Country | Link |
---|---|
US (1) | US11934804B2 (en) |
EP (1) | EP4071600A1 (en) |
CA (1) | CA3153014A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20240007416A1 (en) * | 2022-07-01 | 2024-01-04 | GM Global Technology Operations LLC | Discovery of remote resource providers for offloading computational processes |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8321948B2 (en) | 2008-03-28 | 2012-11-27 | Sap Ag | Flexible appliance hosting with coordination of deployment, licensing and configuration |
US20180341471A1 (en) * | 2017-05-26 | 2018-11-29 | Sap Se | Software appliance distribution with layer removal |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090328077A1 (en) * | 2008-06-25 | 2009-12-31 | International Business Machines Corporation | Software Appliances not Requiring Virtual Machines |
US8793379B2 (en) * | 2011-11-01 | 2014-07-29 | Lsi Corporation | System or method to automatically provision a storage volume by having an app-aware based appliance in a storage cloud environment |
US9426254B2 (en) * | 2013-11-22 | 2016-08-23 | Sap Se | Methods and systems for building a software appliance |
US10530840B2 (en) * | 2017-03-31 | 2020-01-07 | Ca, Inc. | Container-based system analytics appliance |
-
2022
- 2022-03-17 CA CA3153014A patent/CA3153014A1/en active Pending
- 2022-04-05 US US17/658,021 patent/US11934804B2/en active Active
- 2022-04-05 EP EP22166701.7A patent/EP4071600A1/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8321948B2 (en) | 2008-03-28 | 2012-11-27 | Sap Ag | Flexible appliance hosting with coordination of deployment, licensing and configuration |
US20180341471A1 (en) * | 2017-05-26 | 2018-11-29 | Sap Se | Software appliance distribution with layer removal |
Non-Patent Citations (1)
Title |
---|
CRISTIAN RUIZ ET AL: "Reconstructable Software Appliances with Kameleon", OPERATING SYSTEMS REVIEW, ACM, NEW YORK, NY, US, vol. 49, no. 1, 20 January 2015 (2015-01-20), pages 80 - 89, XP058063921, ISSN: 0163-5980, DOI: 10.1145/2723872.2723883 * |
Also Published As
Publication number | Publication date |
---|---|
CA3153014A1 (en) | 2022-10-06 |
US20220317982A1 (en) | 2022-10-06 |
US11934804B2 (en) | 2024-03-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11762986B2 (en) | System for securing software containers with embedded agent | |
CN105556478B (en) | System and method for protecting virtual-machine data | |
CN103270518B (en) | Virtual machine verification system and method thereof | |
US20160044013A1 (en) | Intelligent system for enabling automated secondary authorization for service requests in an agile information technology environment | |
US10956596B2 (en) | System and method for automatically securing sensitive data in public cloud using a serverless architecture | |
CN102411693A (en) | Inherited Product Activation For Virtual Machines | |
CN110838065A (en) | Transaction data processing method and device | |
CN105556475A (en) | Request processing techniques | |
JP7397557B2 (en) | Secure Execution Guest Owner Environment Control | |
EP2862119B1 (en) | Network based management of protected data sets | |
EP4071600A1 (en) | Method and system for generating and executing a software appliance | |
Eckel et al. | Secure attestation of virtualized environments | |
EP3553689A1 (en) | System and method for automatically securing sensitive data in public cloud using a serverless architecture | |
WO2023012201A1 (en) | Attestation of a secure guest | |
Micro | DEEP SECURITY™ SOFTWARE | |
WO2021096346A1 (en) | A computer-implemented system for management of container logs and its method thereof | |
US10097571B2 (en) | Tracking cloud workloads to isolate security breach exposure | |
Zegzhda et al. | Formal security model for virtual machine hypervisors in cloud computing systems | |
US11790082B2 (en) | Reasoning based workflow management | |
WO2023041037A1 (en) | Cloud-technology-based computing node and cloud-technology-based instance management method | |
US20220291953A1 (en) | Dynamically validating hosts using ai before scheduling a workload in a hybrid cloud environment | |
CN109150863B (en) | Desktop cloud access control method and device and desktop cloud terminal equipment | |
CN117034217A (en) | Application calling method and device, electronic equipment and storage medium | |
CN114971505A (en) | Workflow calling method and device, computer equipment and storage medium | |
CN117149224A (en) | Mirror image processing method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20230309 |
|
RBV | Designated contracting states (corrected) |
Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40079329 Country of ref document: HK |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: QUADIENT SOFTWARE INC. |